[c-nsp] BGP and HSRP

Bernd Ueberbacher noc at mynet.at
Fri May 11 18:47:12 EDT 2007


On Thu, 2007-05-10 at 10:10 -0400, Lamar Owen wrote: 
> On Wednesday 09 May 2007, myNET NOC - Bernd Ueberbacher wrote:
> > Hi everyone!
> >
> > I'm reading this list for a couple of months now and tonight I got my
> > first question :-)
> [snip details]
> 
> It is a really good list, isn't it?  I certainly have found it to be.

It definitely is! :-)
I even learned that s. ex at the work place can cause Jitter
Fluctuations *G*

> Ok, you have two upstreams, and three routers.  Let's call the first 
> upstream's router 'U1', the second upstream's router 'U2', and the internal 
> third router 'I3'.
> 
> Now, U1 will need to BGP peer with its upstream router.  U2 will need to BGP 
> peer with its upstream router.  U1 and U2 need an iBGP neighbor relationship 
> between them. (meaning you need an AS number; you can probably get your 
> upstreams to filter a private ASN for you if you don't have your own ASN).
> 
> I3 would ideally run an interior gateway routing protocol to get to U1 and U2 
> (and the rest of your network) rather than HSRP, which is designed to provide 
> failover for workstations that only have a default route (well, any device 
> with only a default route).
> 
> BGP itself will provide all the automatic failover from your upstream routers 
> back to U1 and U2; you neither need nor really want HSRP on the upstream side 
> of things.  And given that the upstreams are not on the same subnet, HSRP 
> won't even work (HSRP won't work on a /30 anyway, as there aren't enough IP 
> addresses: you need an absolute minimum of 3 usable addresses for the gateway 
> side of HSRP, not counting the stations/routers with their default gateway 
> pointing to the HSRP virtual IP, and your /30's have only two usable 
> addresses; a /29 is the smallest subnet on which HSRP will work).
> 
> Now, if you REALLY want HSRP on the LAN side, it will work, but you then don't 
> run iBGP on that side; I3 would have a simple default route to the HSRP 
> virtual address, and U1 and U2 would have LAN interfaces on the same subnet 
> as I3's interface.

I just wanted to run HSRP on the LAN side, as I would have 2 peerings to
each upstream I think it wouldn't be neccesary on the WAN side (not even
possible, too). The reason for my question was that I have some small
Ciscos in the "LAN", for which I wanted HSRP in the front. I really love
the idea of iBGP between U1 and U2 and since the small routers in my LAN
are capable of running BGP, I could run 2 peerings from my LAN routers
to U1 and U2 with just a default-originate. What do you think about
that? Would be a simple config with BGP only providing redundancy and
maybe even load-balancing (if ever needed).

Thanks for the example of your network, too!!!!!


Thanks again to all of you and have a nice day,
Bernd




More information about the cisco-nsp mailing list